Mac malware outbreak hits Apple computers worldwide

Malicious software designed to steal personal information has infected more than 600,000 Mac computers worldwide, warns a Russian cyber security firm, with the vast majority of victims in the United States and Canada.

Moscow-based anti-virus vendor Dr. Web said Wednesday malware known as the Flashback Trojan had managed to install itself on about 550,000 Apple Inc. computers around the world, with 57% of infected PCs in the U.S. and another 20% in Canada. Sorokin Ivan, an analyst with the company, said on Twitter later in the day the number of compromised machines had risen past 600,000, with 274 of them based in Cupertino, the southern California city where Apple is headquartered.

“This once again refutes claims by some experts that there are no cyber-threats to Mac OS X,” Dr. Web said.

CNET first reported on the existence of Flashback last September when the trojan was pretending to be a plug-in installer for Adobe’s Flash Player, though a new version began proliferating in February engineered to exploit a vulnerability in the Mac operating system related to how it reads the Java programming language. Users can become infected simply by navigating to a compromised web site which Dr. Web said could number more than four million.

Once installed, the software takes control of administrative functions and scours the infected computer for passwords and other personal user data to send to a centralized location presumably controlled by the cyber criminal responsible. By taking control of a computer, the hackers are essentially adding one ‘bot’ to their nefarious network, hence the term “botnet”.

“Each bot includes a unique ID of the infected machine into the query string it sends to a control server,” the Russian company explained.

“Doctor Web’s analysts employed the sinkhole technology to redirect the botnet traffic to their own servers and thus were able to count infected hosts.”